Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

How to debug android so with r2 #217

Open
allen2015555 opened this issue Aug 20, 2019 · 14 comments
Open

How to debug android so with r2 #217

allen2015555 opened this issue Aug 20, 2019 · 14 comments

Comments

@allen2015555
Copy link

No description provided.

@allen2015555
Copy link
Author

What android type you do have? Is this a Cylon? Or a Terminator? We don't support Replicants yet. And Data plugin was removed because nobody was willing to maintain it.

sorry, my englist is poor. I mean how to debug android so with r2 like ida pro. R2 can't debug the android so in the real android phone?

@radare
Copy link
Collaborator

radare commented Aug 20, 2019 via email

@XVilka
Copy link
Contributor

XVilka commented Aug 20, 2019

I will move the issue to r2book, ok?

@allen2015555
Copy link
Author

I will move the issue to r2book, ok?

Thank you! I hope find the the tutorial for debug android shared library in r2book.

@allen2015555
Copy link
Author

I dont know how ida does that, but r2 can debug android shared libraries (if this is what u mean by so). In the same way that gdb do. Just attach to the process and put breakpoints or whatever. You can also use r2frida for that purpose

On 20 Aug 2019, at 09:49, allen2015555 @.***> wrote: What android type you do have? Is this a Cylon? Or a Terminator? We don't support Replicants yet. And Data plugin was removed because nobody was willing to maintain it. sorry, my englist is poor. I mean how to debug android so with r2 like ida pro. R2 can't debug the android so in the real android phone? — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub, or mute the thread.

Thandks for your reply. I will try it.

@gogo2464
Copy link
Contributor

With radare2 you can set breakpoint on compiled part of binaries such as arm and in .dex files. In pratice I personally just use radare2 for the binary because it is more convenient to debug the smali with real files disassembled than dex binaries. Apk has the particularity to be full repackaged. So I find it better like that.

I have a command to debug remotely an apk from a virtual machine with radare2 on the binary. I will find it and post it here when I will have found it.

@gogo2464
Copy link
Contributor

The first part is to attach the pid from the android VM with:

gdbserver --attach localhost:12345 18190

where 18190 is the pid of the process.

@trufae
Copy link
Contributor

trufae commented Feb 11, 2021

just r2 -d 18190

@trufae
Copy link
Contributor

trufae commented Feb 11, 2021

Note for my future self: reference the r2frida book when ready for consumption

@gogo2464
Copy link
Contributor

just r2 -d 18190

Yes but after you will need to select what you debug like dex file or .so.

@gogo2464
Copy link
Contributor

gogo2464 commented Feb 14, 2021

I imagine something like:

gdbserver --attach localhost:1234 <PID>;
radare2 -d gdb://localhost:1234/ -e dbg.exe.path=library.so;

Inspired by https://mobile-security.gitbook.io/mobile-security-testing-guide/android-testing-guide/0x05c-reverse-engineering-and-tampering#debugging-native-code.

@trufae
Copy link
Contributor

trufae commented Jun 28, 2024

cc @apkunpacker

@gogo2464
Copy link
Contributor

@trufae if you want I can show my commands to @apkunpacker ?

@trufae
Copy link
Contributor

trufae commented Jun 29, 2024

Sharing is caring :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

5 participants